11 Jun

L2 Company Limited is proud to announce that L2 has achieved certification in the AV-Comparatives 2026 Shellcode Execution/Process Injection Certification Test. Notably, all endpoint detection and response (EDR) capabilities evaluated in this assessment are also fully delivered through FortiEndpoint, Fortinet’s unified endpoint platform. L2 successfully prevented or detected all 15 shellcode execution and process injection techniques evaluated in the assessment, achieving a 100% protection rate and passing the false-positive validation tests. This significantly exceeded AV-Comparatives’ certification requirement to prevent or detect at least 10 of 15 tested techniques without blocking legitimate applications.

The AV-Comparatives Process Injection Certification evaluates how effectively endpoint security solutions prevent or detect advanced shellcode execution and process injection techniques that attackers and red teams frequently use to evade traditional defenses. These techniques are commonly associated with ransomware, fileless malware, privilege escalation, credential theft, and lateral movement attacks.

Unlike traditional malware tests that focus primarily on file-based threats, this assessment specifically evaluates protection against evasive in-memory attack techniques mapped to MITRE ATT&CK T1055 (Process Injection).

Comprehensive Protection against Advanced Injection Techniques

To achieve certification, products were required to successfully prevent or detect at least two-thirds of the tested techniques without generating false positives for legitimate applications.

Fortinet successfully prevented or detected all 15 process injection and shellcode execution techniques tested in the assessment:

  1. Classic Remote Thread
  2. Thread Hijack
  3. Ghostwriting
  4. Transacted Hollowing
  5. Process Doppelganging
  6. APC Injection
  7. Early Bird APC
  8. Module Stomping
  9. Process Hollowing
  10. Process Herpaderping
  11. Dirty Vanity (Process Reflection Injection)
  12. Pool Party (Worker)
  13. TLS Callback
  14. Threadless Injection
  15. Fiber Injection

In addition, Fortinet passed the false-positive validation test, ensuring that legitimate applications were not improperly blocked or disrupted.

According to AV-Comparatives, L2 met the certification requirements by “successfully prevent[ing] or detect[ing] the Shellcode Execution/Process Injection attempts used in this test.”

Why Process Injection Protection Matters

Process injection remains one of the most widely used techniques in modern cyberattacks because it enables adversaries to hide malicious activity within legitimate processes and evade traditional signature-based security controls.

These techniques are frequently leveraged by attackers for:

  • Defensive evasion
  • Privilege escalation
  • Initial access operations
  • Fileless malware execution
  • Credential theft and lateral movement

The AV-Comparatives test intentionally varied multiple attack parameters, including shellcode frameworks, execution methods, APIs, injection techniques, and target processes, to simulate realistic attacker behavior.

The evaluated techniques included both self-injection and remote injection scenarios, using a variety of execution methods commonly associated with advanced threat actors and modern ransomware campaigns.

Independent Validation of Prevention-First Security

The certification further validates Fortinet’s prevention-first approach to endpoint security. Modern attacks increasingly rely on stealthy in-memory techniques to bypass traditional antivirus and static detection methods. Organizations therefore require behavioral protection that detects malicious runtime activity before attackers can establish persistence or move laterally. L2’s layered endpoint protection combines behavioral detection, exploit prevention, anti-ransomware protection, and real-time response to help organizations stop advanced threats earlier in the attack chain.

Unified Endpoint Security with FortiEndpoint

Although the certification was conducted using L2, customers receive the same validated EDR capabilities through FortiEndpoint, Fortinet’s unified endpoint platform. L2 Endpoint unifies EPP, EDR, ZTNA/VPN, DLP, vulnerability visibility, threat-hunting telemetry, and AI-assisted operations into a single platform that simplifies endpoint security and improves protection and visibility across hybrid environments.

This unified approach helps organizations reduce agent sprawl, simplify operations with a single agent and a single console, accelerate detection and response, and lower operational overhead and total cost of ownership.

Building on Continued Third-Party Validation

This latest AV-Comparatives certification further reinforces L2’s commitment to unified endpoint protection and advanced threat prevention. As attackers continue to adopt increasingly evasive in-memory techniques, Fortinet remains focused on helping organizations reduce risk, improve visibility, and strengthen resilience through an integrated endpoint security platform.
